Google Sued Over Apple Browsing Privacy

Source: Sky News

Google is facing legal action in the UK over claims it breached the privacy of people browsing the internet on Apple computers and mobile devices. Twelve people are seeking damages from the company for allegedly tracking their use of the web without their knowledge.

The claimants say Google designed a code to secretly install cookies - small tracking files - on the Safari internet browser. Cookies can be used to target advertising based on the type of websites someone looks at.

Olswang, the law firm handling the case, gives the example of a person searching for engagement rings could find that their partner, using the same computer, later sees adverts for rings. The claimants say they thought cookies were being blocked on the devices because of assurances given by Google and Safari's only default privacy settings.

It is estimated that around 10 million people could have grounds to bring a claim given the number of Apple users at the time in question - summer 2011 to spring 2012. There is no suggestion that Apple is in any way at fault in the case.

22. Relevant Oatmeal Comic

2. Some companies are just slow learners.

Google was fined $22.5m (£14.3) in the US last year over similar claims, with the Federal Trade Commission ruling that the firm had broken a promise not to mislead consumers over its privacy practices.

5. This is last years news...

Oh, and by the way.. Google used a known documented feature in Safari.
Looks like Apple needs to fix their browser's security.

Google has immediately issued a statement saying that the Journal mischaracterized what happened and why, and claiming that they used a known Safari functionality to provide features that signed-in Google users had enabled. It has also removed text from one of its sites claiming that Safari users could rely on Safari's privacy settings to prevent tracking by Google.

According to the WSJ's independent technical advisor Ashkan Soltani, Google is not the only ad company doing this. Vibrant Media, WPP PLC's Media Innovation Group and Gannett Co.'s PointRoll have also been using similar techniques to get around Safari's default privacy settings.

Apple has piped out to say that they are working on a solution that would prevent Safari's privacy settings being bypassed ...

Funny, if this action was done on Internet Explorer... would you fault Microsoft or Google?

12. You know, I've been enjoying the double standard with this story since it broke last year.

Apple left a blatant, mile wide security hole in their browser and Google exploited it. Shame on Google, and shame on Apple. I just find it funny that Apple is somehow painted as a victim or an innocent bystander in this scheme....if Internet Explorer, Chrome, or Firefox were found to have a bug that allowed third party websites to bypass their security settings and install arbitrary tracking software, the tech media world would have gone nuts over it as another example of the "inherent insecurity" of the PC world. And god forbid if someone had found a browser exploit on Android that allowed Android users to be tracked and cookies to be placed, even when the security settings prohibited it. That would be front page news on CNN!

Apple drops the same ball, and in a HUGE way, and nobody seems to care. It's Apple, so the media gives them a free pass.

16. 'There is no suggestion that Apple is in any way at fault in the case.'

19. Nobody with an IQ above 3 believes that.

It's an Apple user group filing the suit, so it's natural that they're going to try to shift the blame away from Apple.

But it goes without saying, to anyone with an ounce of technical understanding, that this was a major Apple security hole. A website was able to execute arbitrary code in their web browser which overrode the users intended security setting. No website, anywhere, should be able to do that on any browser, from any company.

There's a technical term for code that does this...it's called an "exploit". Do you know WHY they are called "exploits"? Because they "exploit" security holes left in software by their publishers.

Google should be rightly sued for writing and using an exploit, but Google could have used the exploit without the existence of the original hole, and the security hole itself is 100% Apple's fault. If you read up on the nature of the hole (an autopostback to mark the code as interactive and therefore storable), it was an obvious and stupid mistake on Apples part. They are just as culpable for this as Microsoft is every time some new exploit pops up on IE. It's the result of poorly planned, sloppy programming.